Re: SSH Sentinel Client help please

[Rafael Coninck Teigao <rafael@SafeCore.NET>]

Robert Schwartz wrote:

> 1) I'm using the beta (1.3).  Is this the right version to concentrate
> on or is the 1.2 release a better client (Client OS are Windows 2000 and
> Windows XP)
>

    I've tested with 1.2.3, but I'll give 1.3 a shot today.

> 2) I've configured my server per Rafael Coninck Teigao's post and set up
> the client to use a pre-shared secret:
> The policy file is a cut and paste off Rafael's email.  When I try to
> connect I establish an SA, I can ping the inside interface of the
> bastion host, but I cannot ping hosts on the network etc.
>
> There is an option for virtual IP address, when I tweak with those
> settings I get an error about an INVALID_COOKIE.  Searching for that
> error string through all the usual sources lead to some discussion about
> upgrading to current.  I was on a stable branch from last week, but I
> upgraded to current and still get this issue.

    I'm sending attached my .jpg's showing the configuration I used on
Sentinel (from install, forward). I must say that it wasn't required to use
proxy arp on the gateway.

> 3) Has anyone implemented this with certificates yet?

    Couldn't make it work yet, but didn't tried too hard either, so...


    []'s,
    Rafael Coninck Teigao
    VP
    SafeCore Network Solutions
    http://SafeCore.NET
    +55 41 224 1785


--
-------------------------------------------------------------------------------
People should focus on the SOLUTION, not on the problem.
-------------------------------------------------------------------------------

[demime 0.98d removed an attachment of type application/x-zip-compressed which had a name of ImgSentinel.zip]